Hi,
Our app is currently undergoing VAPT, and one of the concerns raised is the ability of jailbroken devices to run our app.
To mitigate this concern, we have implemented the RootJailbreakPlugin in several login flows as depicted in the attached screenshots.
However, this implementation has still failed to pass VAPT.
Could you please confirm if our implementation is correct? If not, what steps should we take to rectify this issue?
Thank you.
Can you try this Outsystems supported component. Hope this will be helpful.
Regards,
Wasimkhan S
@YS Yeo did you find a solution for this?
Hello @YS Yeo and @Matthias Preuter ,
First of all, sorry for my late reply ^^
Secondly, yes your implementation is correct, the plugin should be really simple to implement and straight forward.
Please make sure that you generate new builds (IPA and APK/AAB files) after adding the plugin to your code.
What type of VAPT tests are your security team executing? Can you provide more details?
Kind regards,
Rui Barradas
Performed test:
iPhone 7 15.8.3 is now Jailbroken, used instructions on http://ios.cfw.guide (Dopamine)
And after this action the Mobile app is still able to run
We have a slightly different implementation, this action is running in the OnInitialize of the layoutl and throws an exception when this action returns IsRooted.
Best regards,
Matthias
Can somebody confirm that this component is not working for iOS?